Chinese hackers have been caught using VLC Media Player to spread malware to its victims, which includes various groups linked to the government, legal, and religious affairs.
In this file photo taken on August 04, 2020, Prince, a member of the hacking group Red Hacker Alliance who refused to give his real name, uses a website that monitors global cyberattacks on his computer at their office in Dongguan, China's southern Guangdong province. - As the number of online devices surges and super-fast 5G connections roll out.
Chinese Hackers and VLC Media Player
As per a news story by Bleeping Computer, security researchers discovered that hackers who are reportedly backed by the Chinese government have been using VLC Media Player to launch their cyberattacks.
To be precise, these Chinese hackers have been using the VLC Media Player to launch their custom malware loader, which attacks the systems of their victims.
It turns out that the VLC Media Player was used in a malware campaign that was allegedly related to espionage.
The hacking campaign using the VLC Media Player appears to have started in the middle of 2021. It was last seen active last Feb., but cybersecurity researchers suggested that the hacking activities may still be ongoing.
The senior information developer of the Symantec Threat Hunter Team, Brigid O Gorman, stated to Bleeping Computer that the hackers are using a clean version of VLC Media Player.
SAPPORO, JAPAN - SEPTEMBER 07: A traffic cone marks a sewer pipe that has raised out of the ground following liquefaction of soil triggered by an earthquake, on September 7, 2018 in Kiyota near Sapporo, Japan.
However, the attackers stuffed a malicious DLL file, which is used for the exporting features of VLC.
The DLL side-loading scheme of the hackers allows them to spread malware in the systems of their victims.
Chinese Hacker Campaign
The researchers of Symantec Threat Hunter Team said that cyberattack campaigns of the hackers target various government and non-governmental organizations on three continents, including North America, Asia, and Europe.
Meanwhile, according to a recent report by The Hacker News, the senior information developer of the Symantec Threat Hunter Team revealed more details about the espionage campaign.
In this photo illustration a young man types on an illuminated computer keyboard typically favored by computer coders on January 25, 2021 in Berlin, Germany. 2020 saw a sharp rise in global cybercrime that was in part driven by the jump in online retailing that ensued during national lockdowns as governments sought to rein in the coronavirus pandemic.
Gorman told the news outlet that although the Chinese hackers targeted government and non-governmental organizations, they also attacked other education and religious groups.
The Symantec Threat Hunter Team developer also revealed that "there are also some victims in the telecoms, legal and pharmaceutical sectors."
However, he went on to note that the attackers primarily go after government orgs and NGOs.
The victims of the hackers were located in numerous countries across the globe, such as Turkey, Israel, India, Canada, the United States, Japan, and Italy.
It is worth noting that there are some instances wherein hackers spy on the systems of their victims for up to nine months without ever being detected.
Related Article: Hackers Backed by the Chinese Government Has Compromised the Computer System of 6 US States
This article is owned by Tech Times
Written by Teejay Boris
